Mobile Privacy

Update — We have updated our tipsheet to reflect the new information that has been published regarding the Apple smart phone geolocation issue. Apple plans to make changes to its software to improve the privacy problems the tipsheet discusses.

NTIA Multistakeholder Process — The US Department of Commerce has announced that it is supporting privacy legislation and a “stakeholder process” to determine self regulatory rules for Internet privacy. WPF wrote about what a fair stakeholder process needs to include in our comments to the US Department of Commerce. We urge that at a minimum, the stakeholder process will include these items: 1) Consumer and business representation be equal in any multi-stakeholder process. 2) Approval of consumer representatives must be a necessary element in any formal decisions, just as the approval of business will be necessary. 3) Consumers must select their own representatives through a process yet to be determined, and consumer representatives may not be designated or limited by business or government. 4) Consumer organization that require financial assistance to participate in the multi- stakeholder process should receive support for travel and other expenses (but not for staff support). 5) Government agencies may participate in the process, but no agency may have a vote. 6) Participants in the process must chose their own rules and presiding officer. 7) Certifiers of accountability with codes of conduct should be not-for-profit organizations that are wholly independent of business, consumers, and government.

Digital Signage Privacy Principles — The nation’s leading consumer and privacy groups released a set of baseline consumer privacy principles to be included in digital signage networks. The principles were released at the Digital Signage Expo in Las Vegas, Nevada, where World Privacy Forum executive director Pam Dixon spoke about the principles to a large group of digital signage industry professionals.

FTC Privacy Roundtable — Thursday, January 28, WPF Executive Director Pam Dixon will be speaking at the FTC’s Privacy Roundtable about the privacy implications of digital signage networks and will be specifically discussing the new report: The One-Way Mirror Society: Privacy Implications of the New Digital Signage Networks. Few consumers, legislators, regulators, or policy makers are aware of the capabilities of digital signs or of the extent of their use. The technology presents new problems and highlights old conflicts about privacy, public spaces, and the need for a meaningful debate.

e-Government /CIPSEA — The World Privacy Forum submitted comments to the Office of Management and Budget regarding proposed guidance on Title V of the e-Government Act. The proposed guidance did not address the relationship between CIPSEA and the USA PATRIOT Act Section 215, and guidance regarding identifiability and the Privacy Act of 1974 needs to be further refined. WPF suggests that OMB consider developing a formal statistical confidentiality seal controlled by a federal agency. The purpose would be to provide an identifiable marker that would tell individuals if the information they provide will receive the highest degree of confidentiality protection available under law.

This new WPF report finds that medical identity theft is still a crime that causes great harms to its victims, and that it is growing overall in the United States; however, there’s a catch. The national consumer complaint data suggests that the crime is growing at different rates in different states and regions of the US, creating medical identity theft “hotspots.” These hotspots are important for patients, policymakers, and healthcare stakeholders to know about so as to address potential risks.

WPF has conducted original research on India's Aadhaar, a national biometric ID system, including field research in India during 2010-2014. WPF has published the original research in a peer-reviewed journal, Nature-Springer, and in Harvard-based Journal of Technology Science. The research found that systemic challenges to data protection and privacy exist in the Aadhaar system, challenges which do have potential remedies. Key lessons can be learned for both the US and the EU as biometric systems grow in popularity.